Issue No. 05 - September/October (2007 vol. 5)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2007.117
Jonathan Caulkins , Carnegie Mellon University
Eric D. Hough , Space and Naval Warfare Systems Center San Diego
Nancy R. Mead , Software Engineering Institute
Hassan Osman , Ernst & Young
As a software engineer or client, how much of your budget should you spend on software security mitigation for the applications and networks on which you depend? The authors introduce a novel way to optimize a combination of security countermeasures under fixed resources.
software engineering, requirements engineering, risk management, integer programming
J. Caulkins, H. Osman, E. D. Hough and N. R. Mead, "Optimizing Investments in Security Countermeasures: A Practical Tool for Fixed Budgets," in IEEE Security & Privacy, vol. 5, no. , pp. 57-60, 2007.